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REMARKS 

This is in response to the Office Action mailed on April 13. 2004 , and the references 
cited therewith. 

Claims 1-3, 5-6, 9-1 L 13, 14, 18-19, 2L 23, and 27 are amended; as a result, claims 1-31 
are now pending in this application. 

$772 Rejection of the Claims 
Claim 1 and the intervening claims were rejected under 35 USC § 1 12, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the subject matter 
which Applicant regards as the invention. AppHcant has amended claims 1-3, 6, 9-11, and 13 to 
now recite "transparent proxy," as requested by the Examiner. Accordingly, these rejections are 
no longer appropriate and should be withdrawal. 

§ 703 Rejection of the Claims 
Claims 1-4, 6-7, 9-17 and 20-31 were rejected under 35 USC § 103(a) as being 
unpatentable over Callaghan et al. (U.S. 2002/0007317) in view of Blum et al. (U.S. 6,182,141) 
and in view of Shrader et al. (U.S. 6,374,359). It is of course fundamental that in order to sustain 
an obviousness rejection that each and every step or element in the rejected claims must be 
taught or suggested in the proposed combination of references. 

With respect to the rejection of amended independent claim 1, Applicant notes that there 
is no teaching in the proposed combination of references, where a state token is generated fi-om 
pohcy enforcement data and where that state token is used as an authentication of the cUent to a 
transparent proxy. In fact, this is not foreseen or suggested in the Callaghan reference at all in 
any fashion, because state is defined and used in Callaghan as a simple standard cookie. 

This makes sense for Callaghan because in Callaghan a forward proxy is used as an 
intermediary between two disparate domains. More specifically, the Examiner's attention is 
directed to paragraphs 53 and 54 of Callaghan where it is the forward proxy that maintains all 
state information in a state table. Also, see paragraph 46 where the intermediate application is 
defined as the forward proxy and in paragraph 48 it is stated that the intermediate application 
exerts a "great deal of control over" the browser (client) and server (extemal domain). 
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In fact, since Callaghan is using a forward proxy to achieve its teachings, there is no need 
and no motivation to authenticate the browser (chent) to the intermediate application (forward 
proxy). This is so, because the cUent is preconfigured to interact with the forward proxy, which 
is by definition the interaction that would be used with traditional forward proxies. 

Conversely, Applicant's amended independent claim 1 receives a policy state token that 
is generated by the transparent proxy in response to policy enforcement data. The policy 
enforcement data acquired from a policy module and the policy module is not the transparent 
proxy it is a separate and distinct entity that may reside external to the transparent proxy or may 
reside within the same environment of the transparent proxy. (Note that this is not the case in 
Callaghan where the intermediate application is the forward proxy.) Since Applicant's invention 
is utilizing a transparent proxy, the policy state token provides an authentication of the client 
when that client subsequently interacts with the transparent proxy. This is not disclosed or 
taught in Callaghan. 

Additionally, there is no such teaching or suggestion of this teaching in Blum or Shrader. 
hi Shrader, authentication is achieved directly between two entities there is no teaching of an 
interposed transparent proxy. Accordingly, Applicant asserts that the rejections with respect to 
claims 1-13 are no longer appropriate and should be withdrawn. 

With respect to rejected claim 14, Applicant notes that Shrader teaches how a user 
directly interacts with a login server at startup and provides login information. Shrader, col. 5, 
lines 43-52. The user was not attempting to access an origin server and was redirected based on 
the identity of the origin server to a specific poUcy module using a poHcy module identifier. Li 
Shrader the user selects his login application by affirmatively logging into to it and interacting 
with it. Authentication is then stored as a cookie for the user to subsequently use. 

Conversely, in Applicant's amended independent claim 14, the transparent proxy 
identifies a policy module based on a policy module identifier which id determined based on the 
client's request for a resource of an origin server. One skilled in the art, readily appreciates that 
the technique used and positively recited in amended claim 14 by the Applicant is more 
advantageous than what is disclosed and taught in Shrader, because with Applicant's 
independent claim 14, the client simply attempts to directly access its desired resource, 
authentication selection mechanisms and authentication is then transparently performed via the 
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transparent proxy process on behalf of the cUent. The client does not have to identify a login 
module and does not authenticate to a specific origin server; rather, the client authenticates to the 
transparent proxy process, and the transparent proxy process vends authentication information on 
behalf of the origin server. This arrangement as positively recited permits a single login to a 
single transparent proxy process, which the client is unaware of, and permits the client to interact 
with a potential plurality of resources and other origin servers with a single authentication, such 
is not the case and not achievable with the teachings of Shrader alone or in combination with 
Blum. 

Moreover, even assuming that Shrader used a transparent proxy arrangement of Blum, 
this combination would still not read on Applicant's amended independent claim 14, because 
there is no teaching in Shrader or Blum, where the resuhing transparent proxy would be capable 
of vending authentication information for a plurality of resources or origin servers. However, 
this is clearly positively recited in AppHcant's amended claim 14, because authentication is 
between the client and the transparent proxy process and not as is taught in Shrader between a 
user and a target login process for a target server. If the target login process of Shrader was the 
transparent proxy of Blum using the teachings of Shrader, then there would be no transparent 
proxy because the user would know and be configured to directly interact with that transparent 
proxy; essentially the combined teachings of Shrader and Blum would be using a forward proxy 
and would negate the teachings of Blum and fall outside the scope of Applicant's invention. 

Accordingly, Applicant respectfiilly requests that the rejections with respect to claims 14- 
22 should be withdrawn. 

With respect to independent claim 23, Applicant's amended claim 23 positively recites 
client authentication to a transparent proxy where that authentication determines access to a 
service. Authentication, if at all present, in Callaghan is between the client and a specific target 
server. Authentication is not taught via a transparent proxy acting as a transparent process 
between a client and a target server in Callaghan. Moreover, adding Blum with Callaghan 
results in client authentication to a target server and not to a transparent proxy, even if that 
authentication is achieved via a Blum transparent proxy; the resulting client authentication is still 
directed to a target server and not to the proxy itself Accordingly, the rejections with respect to 
claim 23 are no longer appropriate and should be withdrawn. 



AMENDMENT AND RESPONSE UNDER 37 CFR §1.111 Page 1 2 

Serial Number: 09/484,691 Dkt: 1565.035US1 

Filing Date: January 18, 2000 

Title: BROKERING STATE INFORMATION AND IDENTITY AMONG USER AGENTS, ORIGIN SERVERS. AND PROXIES 

With respect to independent claim 27, Applicant's amended independent claim 27 now 
positively recites that the policy enforcement data is used for purposes of determining 
authentication of the client to the transparent proxy. Accordingly, for the reasons stated herein 
and above with respect to claims 1, 14, and 23, the combinations of Callaghan, Blum, and 
Shrader standing alone or in various combinations with another fails to teach or suggest each and 
every step of claim 27. Thus, the rejections with respect to claims 27-3 1 should be withdrawn. 

Claim 5 was rejected under 35 USC § 103(a) as being unpatentable over Callaghan et al. 
in view of Blum et al. and Shrader et al., and further in view of Birrell et al. (U.S. 5,805,803). 
Claim 5 is dependent from amended independent claim 1 . Therefore, for the amendments and 
reasons stated above with respect to Applicant's claim 1, the rejection with respect to claim 5 
should be withdravra. 

Claim 8 was rejected under 35 USC § 103(a) as being unpatentable over Callaghan et al. 
in view of Blum et al. and Shrader et al., and further in view of Abdelnur et al. (U.S. 6,212,640). 
Claim 8 is dependent from amended independent claim 1. Therefore, for the amendments and 
reasons stated above with respect to AppHcant's claim 1, the rejection with respect to claim 8 
should be withdrawn. 

Claims 18-19 were rejected under 35 USC § 103(a) as being unpatentable over Callaghan 
et al. in view of Blum et al. and Shrader et al, and further in view of Makarios et al. (U.S. 
6,401,125). Claims 18-19 are dependent from amended independent claim 14. Therefore, for 
the amendments and reasons stated above with respect to Applicant's claim 14, the rejections 
with respect to claims 18-19 should be withdrawn. 
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CONCLUSION 

Applicant respectfully submits that the claims are in condition for allowance, and 
notification to that effect is earnestly requested. The Examiner is invited to telephone 
Applicant's attorney at (513) 942-0224 to facilitate prosecution of this application. 

If necessary, please charge any additional fees or credit overpayment to Deposit Account 
No. 19-0743. 
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